Australia’s controversial My Health Record program has once again come under scrutiny after it has been revealed data breaches of the system have increased in the last 12 months.

Over a 24 month period, My Health Record documents have revealed 77 data breaches reported to the Australian Information Commissioner, including 42 new breaches recorded since Australians began being automatically enrolled into the system last year.

DATA BREACHES

Accordingto reports, records show data was breached by authorities for a number of reasons, including after a child was mistakenly given parental authorisation to view a record, 24 for suspected cases of Medicare fraud, and 17 due to “intertwined Medicare records”.

The numbers show an increase from the 2016-2017 report, where My Health Record authorities reported 35 data breaches, all of a similar nature to this year’s breaches.

The Australian Digital Health Agency, which was established in July 2016, has a legal responsibility under the My Health Records Act 2012 to report notifiable data breaches to the Office of the Australian Information Commissioner (OAIC).

A spokesperson for the Australian Digital Health Agency emphasised that these breaches were “not intentional”:

“Errors of this type occur due to either alleged fraudulent Medicare claims or manual human processing errors, as was the case for breaches reported during the 2017-2018 financial year.”

Currently, six million Australians are in the My Health Record database. By the end of October, 1.1 million Australians had opted out of My Health Record out of concerns for privacy and data security.

BACKLASH

This new development rounds off a controversial 12 months for My Health Record.

Critics fear sensitive information held by the system could be accessed by hackers, and are also concerned the records could be used for commercial gain.

Caroline Edwards, the Deputy Secretary of the Department of Health, told a Senate hearing recently that third-party access arrangements would allow medical and public health researchers access to “de-identified data”.

Kerryn Phelps, independent MP and former president of the Australian Medical Association, spoke on the developments:

“We’ve been consistently reassured by the Minister that no such privacy breaches had occurred.

This was confirmation that there have been privacy breaches, some serious, and it shows the potential for further privacy breaches as this data base comes online and becomes more used.”

Labor’s health spokeswoman Catherine King said the breaches were more evidence of government mismanagement.

“The opposition has called for the system to be reviewed by the Privacy Commissioner before its final roll-out.”

The Australian Digital Health Agency annual report, which detailed the breaches, noted that there have been “no purposeful or malicious attacks compromising the integrity or security of the My Health Record system”.

ADVERTISEMENT:

Australia's Purest Water. The only water 100% guaranteed to be completely free of chlorine, fluoride, bacteria, sodium and other impurities so prevalent in bottled and tap water in Australia. Available at Coles, Woolworths and IGA.